We have archived this page on the web
The information was accurate at the time of publishing but may no longer reflect the current state at the Canada Border Services Agency. It is not subject to the Government of Canada web standards.
Annual Report to Parliament on the Privacy Act
Canada Border Services Agency 2019 to 2020
Table of contents
- Chapter 1: Privacy Act report
- Chapter 2: Statistical report
- Statistical report on the Privacy Act
- Interpretation of the statistical report
- I. Requests received and completed under the Privacy Act
- II. Completion time
- III. Extensions
- IV. Consultations received from other institutions and organizations
- V. Completion time of consultations on Cabinet confidences
- VI. Complaints and investigations
- VII. Privacy breaches
- VIII. COVID-19: Impact on the CBSA information sharing, access to information and chief privacy office
- IX. Conclusion
- Annex A: Delegation order
- Annex B: Statistical report
- Annex C: Supplemental statistical report—Request affected by COVID-19 measures
Chapter 1: Privacy Act report
Introduction
The Canada Border Services Agency (CBSA) is pleased to present to Parliament, in accordance with section 72 of the Privacy Act, its annual report on the management of this Act. The report describes the activities that support compliance with the Privacy Act for the fiscal year commencing , and ending . During this period, the CBSA continued to build on successful practices implemented in previous years.
The purpose of this Act is to extend the present laws of Canada that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information. Footnote 1
As stated in subsections 72(1) and 72(2) of the Privacy Act, "Every year the head of every government institution shall prepare a report on the administration of this Act within the institution during the period beginning on April 1 of the preceding year and ending on March 31 of the current year.… Every report prepared under subsection (1) shall be laid before each House of Parliament on any of the first 15 days on which that House is sitting after September 1 of the year in which the report is prepared." Footnote 2
Organization
I. About the Canada Border Services Agency
The CBSA has been, since 2003, an integral part of the Public Safety Canada (PS) portfolio, which was created to protect Canadians and maintain a peaceful and safe society. The Agency is responsible for providing integrated border services that support national security and public safety priorities and facilitate the free flow of persons and goods, including animals and plants, that meet all requirements under the program legislation.Footnote 3
The CBSA carries out its responsibilities with a workforce of approximately 14,000 employees, including over 6,500 uniformed CBSA officers who provide services at approximately 1,200 points across Canada and at 39 international locations. Footnote 4
II. Information sharing, access to information and chief privacy office
The Information Sharing, Access to Information and Chief Privacy (ISATICP) Office is comprised of 6 units: an Administration section, 3 Case Management units, and 2 Policy units. The Administration section’s function is to receive all incoming requests and consultations, to ensure quality control of all outgoing correspondence, and to support the Case Management units in their day-to-day business. The Case Management units assign branches and regions with retrieval requests, process requests under the Privacy Act, and provide daily operational guidance and support to CBSA employees. The ATIP Policy and Governance Unit develops policies, tools, and procedures to support ATIP requirements within the CBSA and provides training to employees. The Information Sharing and Collaborative Arrangement Policy Unit maintains the policy framework for the CBSA’s information-sharing and domestic written collaborative arrangements. On average, 81 full-time equivalents, and 7 part-time, casual and student employees were employed in the ISATICP Office during fiscal year 2019 to 2020.
The ATIP coordinator for the CBSA is the Executive Director of the ISATICP Office. The ISATICP Office is part of the Chief Data Office, which reports to the Vice-President (VP) of the Strategic Policy Branch. Consistent with best practices identified by the Treasury Board of Canada Secretariat (TBS), Footnote 5 the CBSA's ATIP coordinator is positioned within 3 levels of the President and has full delegated authority, reporting directly to the Chief Data Officer, who in turn reports to the VP of the Strategic Policy Branch.
Key to maintaining compliance with the statutory time requirements of the Privacy Act is the ISATICP Office’s ability to obtain personal information from branches and regions in a timely and reliable manner. Supported by a network of 19 ATIP liaison officers across the CBSA, the ISATICP Office is well-positioned to receive, coordinate, and process requests for personal information under the Privacy Act.
The ISATICP Office works closely with other members of the PS portfolio, including the Canadian Security Intelligence Service, the Correctional Service of Canada, the Parole Board of Canada, and the Royal Canadian Mounted Police, to share best practices and develop streamlined processes for the retrieval of jointly held records within the 30-day legislated time frame required to respond to privacy requests.
Activities and accomplishments
I. Performance
Fiscal year 2019 to 2020 saw record high volumes of privacy requests made to the CBSA. The record volumes are largely attributable to individuals seeking copies of their history of arrival dates into Canada. In fiscal year 2019 to 2020, 81.8% of all the privacy requests received by the CBSA came from individuals seeking their Traveller History Report (THR), which contains information used to support residency requirements for programs administered by Immigration, Refugees and Citizenship Canada (IRCC) and Employment and Social Development Canada (ESDC).
In September 2012, IRCC, in consultation with the CBSA, introduced a new consent-based application form which sees applicants for citizenship provide consent on their applications for IRCC to view their travel history directly. The CBSA has allocated 100 accounts to the IRCC to verify (view only) clients’ THR to Canada. IRCC has since viewed approximately 1.55 million THR, of which 295,352 were in fiscal year 2019 to 2020, that might otherwise have been requested formally through the CBSA by way of formal Privacy Act, or Access to Information Act requests.
The CBSA continued to see high volumes of privacy requests submitted through the Access to Information and Privacy Online Request tool. Through this tool, the Agency received 11,876 requests, which amounted to 84.2% of all privacy requests received by the CBSA.
The CBSA continued to offer the electronic format for responses to privacy requests. Although electronic format made up only 11.6%, these requests accounted for 84.2% of all the pages the CBSA disclosed in their entirety or disclosed in part this fiscal year.
The ISATICP Office also provided case-by-case policy guidance to CBSA program areas related to the disclosure of information under section 8 of the Privacy Act and section 107 of the Customs Act. In total, the ISATICP Office received 1,817 requests for guidance in fiscal year 2019 to 2020, representing an increase of 2.2% over the previous year.
The CBSA ISATICP Office is one of the largest and busiest in all of government. Our staff are committed professionals who operate daily with large workloads and in a fast-paced environment which is why we are committed to offering a well-managed healthy environment, with staff well-being as an extremely important aspects for the CBSA ISATICP Office.
Being an agency with information stored across the country as well as internationally, the use of electronic filing systems has become increasingly important. With this in mind, the office has transitioned to an entirely paperless environment. Adding remote access capability to the new paperless environment enabled us to continue a telework schedule that allows our employees the option to work from home. The results have been remarkable with the best on-time performance within the legislated timeframe in the history of the CBSA despite record high volumes of requests received.
Finally, as per Section 73.1 of the Privacy Act, the CBSA ISATICP Office has not provided services related to any power, duty or function conferred or imposed on the CBSA under this Act to another government institution that is under the responsibility of the Minister of Public Safety and Emergency Preparedness and has not receive such services from any other such government institution.
II. Education and training
In fiscal year 2019 to 2020, the ISATICP Office continued to conduct bilingual training sessions that supported the implementation of streamlined processing procedures and built an awareness of ATIP obligations. These sessions are designed to ensure that the participants fully understand their responsibilities under the Privacy Act, with a focus on requests made pursuant to the Act and the duty-to-assist principles. Sixteen sessions were offered, with 235 National Capital Region (NCR) and regional employees taking part.
CBSA employees also took advantage of the free online course entitled "Managing Information at the Canada Border Services Agency and the Access to Information Act and the Privacy Act." This one-hour online course was designed to provide employees with the basic principles for effectively managing information in their daily work. After completing this course, employees will have acquired the knowledge to better identify various types of information, learned how requests under the Access to Information Act and the Privacy Act are handled, and learned about their responsibilities throughout the process. A total of 685 participants completed the online training in fiscal year 2019 to 2020.
Moreover, the ISATICP Office delivered 12 in-class training sessions on section 107 of the Customs Act, as well as basic information-sharing, disclosure of intelligence-related information, and business line-specific training sessions to 183 employees in the NCR and across the regions. In addition, before attending the in-class training, employees are advised to complete the interactive online training course, regarding information sharing that was developed by the ISATICP Office.
Further, the ISATICP Office developed a communications plan to raise employees’ awareness of their obligations under the Privacy Act. The plan leverages key dates, such as Data Privacy Day, and other activities at the CBSA to promote ATIP tools, resources, and awareness.
Finally, the ISATICP Office continues to actively participate in the TBS-led ATIP coordinators’ and ATIP practitioners’ meetings. These meetings provide opportunities for employees of the CBSA ISATICP Office to liaise with employees from other institutions to discuss various issues and challenges that have been identified by the ATIP community.
III. New and revised privacy-related policies and procedures
During fiscal year 2019 to 2020, the CBSA continued to revise existing policies and to develop new ones.
The ISATICP Office has continued to take a number of measures to enhance and promote ATIP tools that are readily accessible to CBSA employees by utilizing Apollo (GCDocs). To this end, we are able to ensure that the ISATICP Office intranet site is up to date and available to all CBSA employees. This allows the ISATICP Office to quickly share information and best practices and to facilitate collaboration across the Agency.
The CBSA continued to see a rise in ATIP related audio/video redacting requests. In response to this growth, the ISATICP Office has continued to take measures to respond to these requests in a timely manner by installing additional redaction stations and new software that facilitate our redaction capacity within the ISATICP Office.
It should also be noted that as part of an Innovation Solutions Canada challenge initiative, the ISATICP Office, in partnership with the Chief Transformation Officer Branch and the Information, Science and Technology Branch, is currently involved in a project allowing private companies to introduce applied concept for the redaction of video recording, a solution that will allow video and audio recordings to be automatically processed. This year, the ISATICP Office has provided assistance in the testing and the evaluation on this new software. Once available, this software will be promoted as the solution for processing video and audio recordings for the entirety of the Government of Canada.
This year, the CBSA continued to be an active and key participant in the Privacy Act Modernization working group, which has helped establish the CBSA’s position on the modernization of this Act. The CBSA believes that a modernized Act should facilitate the government work while continuing to respect individuals’ privacy rights and the Canadian Charter of Rights and Freedom. The CBSA will continue to develop policy options, and to work on transition advice, alongside the Department of Justice, in the modernization of the Privacy Act.
The second annual report to the Minister of Public Safety and Emergency Preparedness on the application of the Order in Council to the CBSA: Avoiding Complicity in Mistreatment by Foreign Entities, was issued to the CBSA President, and subsequently presented to the Minister in March 2020.
The ISATICP Office continued to provide the service of informally reviewing CBSA records for internal programs as if they had been requested under the Privacy Act. The ISATICP Office received 160 internal requests of this nature in fiscal year 2019 to 2020.
The ISATICP Office closely monitors the time it takes to process privacy requests. Monthly reports, which show trends and performance, are submitted to the Assistant Directors of the Case Management units, to the Executive Director of the ISATICP Office, and to the Chief Data Officer. Monthly reports consisting of statistics on the performance of the offices of primary interest are also distributed to all ATIP liaison officers. Finally, quarterly trend reports portraying the overall performance of the Agency are reviewed and discussed during meetings of the Agency’s Executive Committee Footnote 6 and are included in the Agency Performance Summary.
IV. Reading room
The CBSA, in accordance with the Privacy Act, maintains a reading room for applicants who wish to review material in person at the CBSA. Applicants may access the reading room by contacting the CBSA’s ISATICP office by telephone at 343-291-7021 or by sending an email to atip-aiprp@cbsa-asfc.gc.ca. The reading room is located at:
Place Vanier Complex
14th flr Tower A
333 North River Rd
Ottawa ON K1A 0L8
V. Audits of, and investigations into the privacy practices of the Canada Border Services Agency
Between 2019 and 2020, the ISATICP Office underwent a review by the CBSA Internal Audit and Program Evaluation Directorate concerning the Management of Privacy Breaches at the CBSA. The review was completed in fiscal year 2019 to 2020 and the recommendations are as follows:
Recommendation 1: The Vice-President (VP), Strategic Policy Branch (SPB), should implement improved tracking of privacy breach management (such as a case management software) and additional measures to promote accountability for the expectations and timelines set out in the Privacy Breach Protocol.
Management response 1: The SPB is in agreement with this recommendation and will work to promote accountability and expectations and improve how the branch is tracking privacy breaches.
Recommendation 2: The VP, SPB, as part of monitoring and reporting on the privacy management program, should conduct regular analysis of privacy breaches (including trend analysis of types, locations, root causes etc.) and evolve Agency privacy practices as required. This information should also be used to identify where Office of Primary Interests may need to implement additional controls and to review the effectiveness of remediation measures.
Management response 2: The SPB is in agreement with this recommendation. The SPB will conduct regular analysis of privacy breaches and evolve Agency privacy practices. In addition, the SPB will use this information to identify where additional controls need to be implemented and will review the effectiveness of these remediation measures.
Recommendation 3: The VP, SPB, should develop a risk-based strategy to identify and assess areas that are most susceptible to privacy breaches and work with the information owners to ensure appropriate controls are in place and functioning to protect the personal information.
Management response 3: The SPB is in agreement with this recommendation. SPB will conduct a risk-based assessment of Agency personal information holdings to identify areas that are most susceptible to privacy breaches. The SPB will also work with the information owners to provide advice to ensure that appropriate controls are in place and are functioning to protect the personal information.
VI. Privacy Impact Assessments
In fiscal year 2019 to 2020, the CBSA completed 3 Privacy Impact Assessments (PIA). They were all sent to the Office of the Privacy Commissioner of Canada and TBS for review and comments.
The 3 PIAs completed by the CBSA are:
- NEXUS
- CANPASS
- Radio frequency identification-enabled document data (RFID)
Full executive summaries of these PIAs are available.
NEXUS
NEXUS is a bi-national Canada-United States (U.S.) program managed by the CBSA and U.S. Customs and Border Protection (CBP). The Trusted Traveller Programs Unit of the Travellers Programs at the CBSA is the Office of Primary Interest for NEXUS.
NEXUS allows customs and immigration border clearance processes to be streamlined for pre-approved, low-risk travellers, and permits the CBSA and the U.S. CBP to allocate their resources more effectively at the border. Membership is 5 years and provides expedited border clearance into Canada and the U.S. in the land, air and marine travel modes. In 2002, the NEXUS program was delivered in a travel mode specific format, beginning with the NEXUS Highway Program. Subsequently in 2006, the NEXUS suite of programs was harmonized to provide members with expedited travel privileges in all 3 travel modes (land, air and marine). NEXUS members use dedicated lanes in the highway mode, self-serve kiosks in the air mode and report through the Telephone Reporting Centres in the marine mode.
CANPASS
This Umbrella PIA includes all activities relating to the collection, storage and use of personal information by the CBSA as it relates to the CANPASS suite of programs (CANPASS Corporate Air, CANPASS Private Air, CANPASS Air and CANPASS Private Boats ), the Commercial Driver Registration Program (CDRP) and the Pilot Project for Travellers in Remote Areas: Quebec (PPTRA-Q). These Trusted Traveller Programs (TTPs) store personal information in similar databases whereby CANPASS Corporate Air, Private Air, Private Boats and CDRP all use the Canadian Processing Centre System and PPTRA-Q and CANPASS Air use the Global Enrolment Component.
The CANPASS suite of programs is a suite of voluntary TTPs in the air and marine modes offered by the CBSA to expedite the border clearance process for frequent, pre-approved, low risk travellers arriving in Canada. A separate application form is required for each applicant and CANPASS program. The existing CANPASS Corporate Air and CANPASS Private Air programs are open to Canadian and U.S. citizens and permanent residents who meet the program eligibility criteria.
Radio frequency identification-enabled document data
This PIA replaces the PIA submitted in December 2008 entitled Enhanced Driver’s Licence (EDL) and Enhanced Identification Card (EIC) Program: Use of EDL data by the CBSA, which is a collaborative program between the CBSA and 3 participating provinces: Ontario, Manitoba and British Columbia. A fourth province, Quebec, also initially participated but discontinued the availability of a Quebec Enhanced Driver’s Licence (EDL) to new applicants in October 2014. Quebec EDLs currently in circulation will remain active until they expire, and as such, are out for scope for this addendum. These provinces earlier agreed to make available enhanced documents (such as a Driver’s Licence or an Identification Card) that meet the requirements of the Western Hemisphere Travel Initiative, allowing Canadian citizens to use the identification to facilitate land or water travel between Canada and the U.S.
Disclosures made pursuant to paragraph 8(2)(e) of the Privacy Act
During the 2019 to 2020 fiscal year, 1,066 disclosures pursuant to paragraph 8(2)(e) of the Privacy Act were made by the CBSA.
Disclosures made pursuant to paragraph 8(2)(m) of the Privacy Act
During the 2019 to 2020 fiscal year, the CBSA made no disclosure pursuant to paragraph 8(2)(m) of the Privacy Act.
Delegation order
Refer to Annex A for a signed copy of the delegation order.
Chapter 2: Statistical report
Statistical report on the Privacy Act
Refer to Annex B for the CBSA's statistical report on the Privacy Act.
Interpretation of the statistical report
I. Requests received and completed under the Privacy Act
The CBSA received 14,102 privacy requests in fiscal year 2019 to 2020, which was an increase of 4.9% over the previous year. Moreover, the CBSA responded to 13,866 Privacy Act requests, representing 91% of the total Number of requests received and outstanding from the previous reporting period. Of the 1,365 requests carried over to fiscal year 2020 to 2021, 1,016 were on time and 349 were late. Finally, the CBSA processed 547,551 pages under the Privacy Act.
For the past 5 years, the CBSA has consistently been among the top government departments in terms of workload. While receiving a substantial Number of requests each year, the CBSA has been able to maintain and improve upon its performance in a year which has seen its greatest Number of requests ever received.
Image description
| Fiscal year | Requests received | Completed requests |
|---|---|---|
| 2015 to 2016 | 11,247 | 11,400 |
| 2016 to 2017 | 11,590 | 11,791 |
| 2017 to 2018 | 13,429 | 13,575 |
| 2018 to 2019 | 13,447 | 13,873 |
| 2019 to 2020 | 14,102 | 13,866 |
II. Completion time
Of all the requests completed, the CBSA was successful in responding to 98.5% within the legislated timelines, an increase from the 97.9% achieved last fiscal year.
III. Extensions
In total, 910 extensions were applied for in fiscal year 2019 to 2020. This represents a decrease of 23.8% in extensions in comparison to the previous fiscal year, and this despite an increase in the volume of requests received. Extensions were applied 98.5% of the time because of workload and meeting the original 30-day time limit would have resulted in unreasonable interference with the CBSA operations. The remaining 1.5% of the time was for consulting with third parties or other government institutions, or for additional time for translation purposes or for the purposes of converting the personal information into an alternative format.
IV. Consultations received from other institutions and organizations
Between 2019 and 2020, the CBSA completed 80 consultation requests from other government institutions and organizations. This represents a decreased of 21.6% in comparison to the previous fiscal year. However, in order to respond to these requests, 34,810 pages were reviewed, an increase of more than 820.7% from the previous fiscal year.
V. Completion time of consultations on Cabinet confidences
Although Cabinet confidences are excluded from the application of the Privacy Act (section 70), the policies of the Treasury Board of Canada Secretariat require agencies and departments to consult their legal services to determine if requested information should be excluded. If there is any doubt or if the records contain discussion papers, legal counsel must consult the Office of the Counsel to the Clerk of the Privy Council Office.
Between 2019 and 2020 the CBSA did not consulted CBSA Legal services regarding Cabinet confidence exclusions, due to the fact that requesters are excluding Cabinet confidences from their requests.
VI. Complaints and investigations
Subsection 29(1) of the Privacy Act describes how the Office of the Privacy Commissioner of Canada (OPC) receives and investigates complaints from individuals regarding their personal information held by a government institution. Examples of complaints the OPC may choose to investigate include a refusal of access to personal information; an allegation that personal information about an individual that is held by a government institution has been misused or wrongfully disclosed; or failure to provide access to personal information in the official language requested by the individual.
Throughout fiscal year 2019 to 2020, 59 Privacy Act complaints were filed against the CBSA, which represents a decrease of 7.8% compared to fiscal year 2018 to 2019. The reason most cited for complaints was the refusal to disclose information. The complaints received during the fiscal year were related to the following issues: time delay (17); refusal to disclose (18); application of exemptions (14); use and disclosure (2); collection (2); extension (2); and miscellaneous (4). For context, the number of complaints filed relate to only 0.4% of the 13,866 privacy requests completed during this period.
Of the 86 complaints completed in fiscal year 2019 to 2020, 47 were deemed well-founded, and 21 were deemed not well-founded. Additionally, 15 complaints were resolved; 2 were discontinued; and one was settled. Where complaints are substantiated, the matter is reviewed by the delegated managers and processes are adjusted if required.
VII. Privacy breaches
There were no material privacy breaches reported during fiscal year 2019 to 2020.
VIII. COVID-19: Impact on the CBSA information sharing, access to information and chief privacy office
The CBSA Information Sharing, Access to Information and Chief Privacy (ISATICP) Office continued to work effectively as we were, prior to COVID-19, since the office already had remote access capability which enabled us to continue to work from home.
Between and , the CBSA ISATICP Office received 524 Privacy Act requests, which relate to only 3.7% of the 14,102 access to information requests received between 2019 and 2020.
During the same period, the CBSA ISATICP Office closed a total of 312 Privacy Act requests, of which 288 (92.3%) were closed within the legislative timeliness, and 24 (7.7%) were closed past the legislative timelines, thereby maintaining continued strong legislative compliance.
Finally, in accordance with TBS guidelines, the Agency implemented interim measures for processing Privacy Act requests due to COVID-19. Since paper records were not accessible, the ISATICP Office contacted each requester for new and outstanding requests to offer that they limit their request to electronic records, thereby making them retrievable remotely. This new measure was very well received by requesters.
IX. Conclusion
The achievements portrayed in this report reflect the CBSA’s commitment to ensuring that every reasonable effort is made to meet its obligations under the Privacy Act. The CBSA strives to provide Canadians with their personal information to which they have a right in a timely and helpful manner while protecting the privacy rights of all Canadians.
Annex A: Delegation order
Ministerial Order
Access to Information Act and Privacy Act
Pursuant to section 73 of the Access to Information ActFootnote 1 and section 73 of the Privacy ActFootnote 2, I hereby designate the persons holding the positions set out in the schedule hereto, or a person authorized to exercise the powers or perform the duties and functions of that position, to exercise or perform the powers, duties and functions of the Minister of Public Safety and Emergency Preparedness as the head of the Canada Border Services Agency under the provisions of the Act and related regulations set out in the schedule opposite each position.
This Order replaces previous designation orders and comes into force on the date on which it is signed.
Dated at Ottawa, Province of Ontario, this .
The Honourable Bill Blair, P.C., C.O.M., M.P.
Minister of Public Safety and Emergency Preparedness
| Position | Access to Information Act and Regulations |
Privacy Act and Regulations |
|---|---|---|
| President | Full authority | Full authority |
| Executive Vice-President | Full authority | Full authority |
| Vice-President Strategic Policy Branch |
Full authority | Full authority |
| Director General Chief Data Office |
Full authority | Full authority |
| Executive Director Information Sharing, Access to Information and Chief Privacy Office (ISATICPO) |
Full authority | Full authority |
| Assistant Director Information Sharing, Access to Information and Chief Privacy Office (ISATICPO) |
Full authority | Full authority (except 8(2)(m)) |
| Team Leader Information Sharing, Access to Information and Chief Privacy Office (ISATICPO) |
Full authority | Full authority (except 8(2)(m)) |
Annex B: Statistical report on the Privacy Act
Name of institution: Canada Border Services Agency
Reporting period: 2019-04-01 to 2020-03-31
Section 1: Requests under the Privacy Act
| Received during reporting period | 14,102 |
| Outstanding from previous reporting period | 1,129 |
| Total | 15,231 |
| Closed during reporting period | 13,866 |
| Carried over to the next reporting period | 1,365 |
Section 2: Requests closed during the reporting period
| Disposition of requests | 1 to 15 | 16 to 30 | 31 to 60 | 61 to 120 | 121 to 180 | 181 to 365 | More than 365 | Total |
|---|---|---|---|---|---|---|---|---|
| All disclosed | 1,861 | 7,016 | 801 | 30 | 1 | 2 | 0 | 9,711 |
| Disclosed in part | 260 | 1,094 | 692 | 305 | 22 | 23 | 17 | 2,413 |
| All exempted | 1 | 3 | 9 | 9 | 1 | 0 | 4 | 27 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| No records exist | 63 | 174 | 54 | 12 | 1 | 0 | 1 | 305 |
| Request abandoned | 846 | 391 | 160 | 0 | 1 | 0 | 3 | 1,401 |
| Neither confirmed nor denied | 2 | 0 | 3 | 4 | 0 | 0 | 0 | 9 |
| Total | 3,033 | 8,678 | 1,719 | 360 | 26 | 25 | 25 | 13,866 |
| Section | Number of requests |
|---|---|
| 18(2) | 0 |
| 19(1)(a) | 779 |
| 19(1)(b) | 20 |
| 19(1)(c) | 28 |
| 19(1)(d) | 61 |
| 19(1)(e) | 0 |
| 19(1)(f) | 0 |
| 20 | 1 |
| 21 | 731 |
| 22(1)(a)(i) | 3 |
| 22(1)(a)(ii) | 0 |
| 22(1)(a)(iii) | 1 |
| 22(1)(b) | 1,323 |
| 22(1)(c) | 14 |
| 22(2) | 0 |
| 22.1 | 0 |
| 22.2 | 0 |
| 22.3 | 0 |
| 22.4 | 0 |
| 23(a) | 1 |
| 23(b) | 0 |
| 24(a) | 0 |
| 24(b) | 0 |
| 25 | 287 |
| 26 | 2,154 |
| 27 | 25 |
| 27.1 | 0 |
| 28 | 0 |
| Section | Number of requests |
|---|---|
| 69(1)(a) | 0 |
| 69(1)(b) | 0 |
| 69.1 | 0 |
| 70(1) | 0 |
| 70(1)(a) | 0 |
| 70(1)(b) | 0 |
| 70(1)(c) | 0 |
| 70(1)(d) | 0 |
| 70(1)(e) | 0 |
| 70(1)(f) | 0 |
| 70.1 | 0 |
| Paper | Electronic | Other |
|---|---|---|
| 10,720 | 1,404 | 0 |
2.5 Complexity
| Number of pages processed | Number of pages disclosed | Number of requests |
|---|---|---|
| 547,551 | 393,974 | 13,561 |
| Disposition | Less than 100 pages processed | 101-500 pages processed | 501-1000 pages processed | 1001-5000 pages processed | More than 5000 pages processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
| All disclosed | 9,704 | 34,299 | 6 | 1,483 | 0 | 0 | 1 | 2,048 | 0 | 0 |
| Disclosed in part | 1,561 | 27,303 | 669 | 167,488 | 139 | 92,515 | 44 | 67,720 | 0 | 0 |
| All exempted | 27 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 1,398 | 507 | 3 | 611 | 0 | 0 | 0 | 0 | 0 | 0 |
| Neither confirmed nor denied | 9 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 12,699 | 62,109 | 678 | 169,582 | 139 | 92,515 | 45 | 69,768 | 0 | 0 |
| Disposition | Consultation required |
Legal advice sought |
Interwoven information |
Other | Total |
|---|---|---|---|---|---|
| All disclosed | 1 | 0 | 0 | 0 | 1 |
| Disclosed in part | 31 | 0 | 2,154 | 0 | 2,185 |
| All exempted | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 0 | 0 | 0 | 0 | 0 |
| Neither confirmed nor denied | 2 | 0 | 0 | 0 | 2 |
| Total | 34 | 0 | 2,154 | 0 | 2,188 |
2.6 Closed requests
| Number of requests closed within legislated timelines | 13,663 |
| Percentage of requests closed within legislated timelines | 98.5% |
2.7 Deemed refusals
| Number of requests closed past the legislated timelines | Principal reason |
|||
|---|---|---|---|---|
| Interference with operations and workload | External consultation | Internal consultation | Other | |
| 203 | 64 | 1 | 8 | 130 |
| Number of days past legislated timelines | Number of requests past legislated timeline where no extension was taken | Number of requests past legislated timeline where an extension was taken | Total |
|---|---|---|---|
| 1 to 15 days | 52 | 26 | 78 |
| 16 to 30 days | 7 | 10 | 17 |
| 31 to 60 days | 11 | 22 | 33 |
| 61 to 120 days | 1 | 24 | 25 |
| 121 to 180 days | 2 | 10 | 12 |
| 181 to 365 days | 2 | 17 | 19 |
| More than 365 days | 2 | 17 | 19 |
| Total | 77 | 126 | 203 |
| Translation requests | Accepted | Refused | Total |
|---|---|---|---|
| English to French | 0 | 0 | 0 |
| French to English | 0 | 0 | 0 |
| Total | 0 | 0 | 0 |
Section 3: Disclosures under subsection 8(2) and 8(5)
| Paragraph 8(2)(e) | Paragraph 8(2)(m) | Paragraph 8(5) | Total |
|---|---|---|---|
| 1,066 | 0 | 0 | 1,066 |
Section 4: Requests for correction of personal information and notations
| Disposition for correction requests received | Number |
|---|---|
| Notations attached | 22 |
| Requests for correction accepted | 5 |
| Total | 27 |
Section 5: Extensions
15(a)(i) |
15 (a)(ii) |
15(b) |
||||||
|---|---|---|---|---|---|---|---|---|
| Number of requests where an extension was taken | Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet confidence section (Section 70) |
External | Internal | |
| 910 | 11 | 75 | 780 | 30 | 0 | 8 | 5 | 1 |
15(a)(i) |
15 (a)(ii) |
15(b) |
||||||
|---|---|---|---|---|---|---|---|---|
| Length of extensions | Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet confidence section (Section 70) |
External | Internal | |
| 1 to 15 days | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 days | 11 | 75 | 780 | 30 | 0 | 8 | 5 | 1 |
| 31 days or greater | N/A | N/A | N/A | N/A | N/A | N/A | N/A | 0 |
| Total | 11 | 75 | 780 | 30 | 0 | 8 | 5 | 1 |
Section 6: Consultations received from other institutions and organizations
| Consultations | Other Government of Canada institutions | Number of pages to review | Other organizations | Number of pages to review |
|---|---|---|---|---|
| Received during the reporting period | 73 | 1,882 | 1 | 15 |
| Outstanding from the previous reporting period | 6 | 32,913 | 1 | 39 |
| Total | 79 | 34,795 | 2 | 54 |
| Closed during the reporting period | 79 | 34,795 | 1 | 15 |
| Carried over to the next reporting period | 0 | 0 | 1 | 39 |
| Recommendation | 1 to 15 | 16 to 30 | 31 to 60 | 61 to 120 | 121 to 180 | 181 to 365 | More than 365 | Total |
|---|---|---|---|---|---|---|---|---|
| All disclosed | 18 | 10 | 5 | 0 | 0 | 0 | 0 | 33 |
| Disclosed in part | 12 | 19 | 6 | 0 | 0 | 0 | 0 | 37 |
| All exempted | 5 | 2 | 1 | 0 | 0 | 0 | 0 | 8 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
| Total | 35 | 31 | 12 | 0 | 0 | 0 | 1 | 79 |
| Recommendation | 1 to 15 | 16 to 30 | 31 to 60 | 61 to 120 | 121 to 180 | 181 to 365 | More than 365 | Total |
|---|---|---|---|---|---|---|---|---|
| All disclosed | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
| Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
Section 7: Completion time of consultations on Cabinet confidences
| Number of days | Fewer than 100 pages processed | 101 to 500 pages processed | 501 to 1,000 pages processed | 1,001 to 5,000 pages processed | More than 5,000 pages processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Number of days | Fewer than 100 pages processed | 101 to 500 pages processed | 501 to 1,000 pages processed | 1,001 to 5,000 pages processed | More than 5,000 pages processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 8: Complaints and investigations notices received
| Section 31 | Section 33 | Section 35 | Court action | Total |
|---|---|---|---|---|
| 59 | 4 | 86 | 0 | 149 |
Section 9: Privacy impact assessments and personal information banks
| Number of privacy impact assessments completed | 3 |
|---|
| Active | Created | Terminated | Modified |
|---|---|---|---|
| 67 | 0 | 0 | 3 |
Section 10: Material privacy breaches
| Number of material privacy breaches reported to the Treasury Board of Canada Secretariat | 0 |
|---|---|
| Number of material privacy breaches reported to the Office of the Privacy Commissioner of Canada | 0 |
Section 11: Resources Related to the Privacy Act
| Expenditures | Amount | |
|---|---|---|
| Salaries | $5,092,615 | |
| Overtime | $93,602 | |
| Goods and services: | $213,904 | |
Professional services contracts |
$0 | |
Other |
$213,904 | |
| Total | $5,400,121 | |
| Resources | Person years dedicated to privacy activities |
|---|---|
| Full-time employees | 54.23 |
| Part-time and casual employees | 4.53 |
| Regional staff | 0.00 |
| Consultants and agency personnel | 0.00 |
| Students | 0.48 |
| Total | 59.24 |
Annex C: Supplemental statistical report—Request affected by COVID-19 measures
The following table reports the total number of formal requests received during 2 periods: to and to .
| Number of requests | |
|---|---|
| Received from to | 13,578 |
| Received from to | 524 |
| Total 1 | 14,102 |
1. Total is equal to the total in the Privacy Statistical Report, section 1.1, row 1. |
|
The following table reports the total number of requests closed within the legislated timelines and the number of closed requests that were deemed refusals during 2 periods: to and to .
| Number of requests closed within the legislated timelines | Number of requests closed past the legislated timelines | |
|---|---|---|
| Received from to and outstanding from previous reporting periods | 13,375 | 179 |
| Received from to | 288 | 24 |
| Total 2 | 13,663 | 203 |
2. Total for column 1 is equal to the total in the Privacy Statistical Report, section 2.6.1, row 1, and the total for column 2 is equal to the total in the Privacy Statistical Report, section 2.7.1., column 1, row 1. |
||
The following table reports the total number of requests carried over during 2 periods: to and to .
| Number of requests | |
|---|---|
| Requests received from to and outstanding from previous reporting period that were carried over to the 2020 to 2021 reporting period | 1,153 |
| Requests received from to that were carried over to the 2020 to 2021 reporting period | 212 |
| Total 3 | 1,365 |
3. Total is equal to the total in the Privacy Statistical Report, section 1.1, row 5. |
|
- Date modified: